SMB: Samba smbd Daemon Symlink Verification Information Disclosure
This signature detects attempts to exploit a known vulnerability against Samba smbd Daemon while performing Symlink Verification. The vulnerability is due to flaws in the symbolic link verification mechanism. Successful attack could lead to disclosure of sensitive information which could lead to further attacks.
Extended Description
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points outside of a share.
Affected Products
Samba samba
Short Name
SMB:SAMBA:SYMLINK-INFODISC
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
SMB
Keywords
CVE-2015-5252 Daemon Disclosure Information Samba Symlink Verification smbd
Release Date
01/04/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Samba
Debian
Canonical
CVSS Score
5.0